<?php
	function authenticate($username, $password)
	{
		include("connection.php");
		session_start();
		$flag = false;
		$passmd5 = md5($password);
		$query = mysql_query("select IDEmployee,UserName from employee where UserName='$username' and Password = '$passmd5' and State = 1");
		while ($row=mysql_fetch_array($query)){
			$_SESSION['username'] =  $row['UserName'];
			$_SESSION['IDEmployee'] =  $row['IDEmployee'];
			$flag=true;
			header( 'Location: ../menu.php' );
			
		}		
		if($flag==false){
			$errorMessage = "Not a valid user.";
			header( 'Location: ../login.php' );
		}
	}
?>